fdciabdul/PocketPentester
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update application to use insecure.newploit.com as the target domain

Browse Source 
- Changed base URLs and targets in multiple modules to point to insecure.newploit.com for testing purposes.
- Updated README.md to reflect the new domain and provide instructions for setting up the reverse proxy.
- Adjusted configurations in AdminFinder, AutoPwn, Banner, DirFuzz, DnsTools, FormBrute, HttpProbe, PortScan, Repeater, Sqli, SslScan, SubEnum, Xploiter, and Xss components.
This commit is contained in:
taqin
2026-04-25 22:59:51 +07:00
parent f556ac5cd2
commit 4b0a402a4e
17 changed files with 871 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
vuln-lab/README.md
View File

@@ -20,41 +20,54 @@ docker compose up --build -d
Add the hostname to your hosts file so the `insecure.newploit.com` SNI /
Host header works:
**Linux / macOS**`/etc/hosts`
## Exposing it
The lab is designed to be run on a home server / LAN box behind a reverse
proxy (cloud VPS, Cloudflare Tunnel, ngrok, tailscale funnel, etc). The
public domain `insecure.newploit.com` then terminates on :80/:443 on the
VPS and forwards to the home container's `8080`/`8443`.
Container mapping:
| Host port (home) | Container | Use |
|------------------|-----------|-----------------------------------|
| 8080 | 80 | reverse-proxy HTTP → insecure.newploit.com |
| 8443 | 443 | reverse-proxy HTTPS → insecure.newploit.com |
| 3306 | 3306 | MariaDB (root:toor / dbuser:dbpass123) |
Sample nginx on the VPS:
```nginx
server {
listen 80;
listen [::]:80;
server_name insecure.newploit.com;
location / { proxy_pass http://<home-ip>:8080; proxy_set_header Host $host; }
}
server {
listen 443 ssl;
server_name insecure.newploit.com;
ssl_certificate /etc/letsencrypt/live/insecure.newploit.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/insecure.newploit.com/privkey.pem;
location / { proxy_pass https://<home-ip>:8443; proxy_ssl_verify off; proxy_set_header Host $host; }
}
```
Or if you just want to hit it locally, add to `/etc/hosts`:
```
127.0.0.1 insecure.newploit.com
```
and use `http://insecure.newploit.com:8080/` directly.
**Windows**`C:\Windows\System32\drivers\etc\hosts`
```
127.0.0.1 insecure.newploit.com
```
**Android (testing from PocketPentester on device)** — set your phone's
Wi-Fi DNS to the dev machine, or just use the host's LAN IP directly:
```
http://192.168.x.x:8080/ (or whatever your dev box IP is)
```
Smoke-test from the host:
Smoke-test from anywhere (once reverse-proxy is live):
```bash
curl http://insecure.newploit.com:8080/
curl http://insecure.newploit.com:8080/.env
curl "http://insecure.newploit.com:8080/search.php?q=<svg/onload=alert(1)>"
curl https://insecure.newploit.com/
curl https://insecure.newploit.com/.env
curl "https://insecure.newploit.com/search.php?q=<svg/onload=alert(1)>"
```
---
## Open ports
| Host port | Service | Notes |
|-----------|-------------------|--------------------------------------------|
| 8080 | Apache 2.4 + PHP | main web app (→ container 80) |
| 8443 | Apache TLS | snakeoil cert for ssl_scan (→ 443) |
| 3306 | MariaDB 10.11 | root:toor, also dbuser:dbpass123 |
---
## Module → endpoint map
Everything below is already wired. Point the tool at `insecure.newploit.com`
@@ -64,7 +77,7 @@ Everything below is already wired. Point the tool at `insecure.newploit.com`
| Arsenal module | Where it hits |
|------------------|------------------------------------------------------------------|
| `port_scan` | 3306 / 8080 / 8443 open (host-mapped ports) |
| `port_scan` | via reverse-proxy: 80/443 public · 3306 only on home LAN |
| `httpx` | Title `Newploit :: insecure test lab`, Server `Apache/2.4.57 …` |
| `banner` | Apache + MySQL banners expose full version |
| `ssl_scan` | Self-signed CN=insecure.newploit.com on :443 |